Array Security Appliance Scrutinizes Web Traffic

 
 
By Matthew Hicks  |  Posted 2002-08-12
 
 
 

Array Networks Inc. will make available next quarter a network appliance for surveillance of Web traffic. The Array Security Reconnaissance Secure Web Traffic Analyzer can scan, analyze and record incoming and outgoing Web traffic, including SSL-encrypted sessions, officials said.

Array, of Campbell, Calif., is targeting the new device at large enterprises that want to prevent the sharing of confidential information or network abuse, as well as government agencies that need to bolster homeland security while meeting the terms of electronic surveillance laws.

The stand-alone network device selectively captures and analyzes network traffic by monitoring thousands of traffic flows and recording them based on set triggers. For example, an enterprise could set a specific SMTP e-mail user as a trigger and watch the SMTP traffic in e-mail messages being transmitted by that user.

"Already, companies see how to keep porn out of the office, and this is the next big step forward," said Steve Shah, director of product man- agement at Array. "Beyond the obvious filters, how do I look for questionable activities?"

In its initial version, Array SR will support HTTP, Secure HTTP, FTP and SMTP transmissions. In the first quarter of next year, Array will add support for Post Office Protocol and IMAP traffic in the Array SR.

The device, operating at Gigabit Ethernet wire speed, can capture Web traffic using methods such as static or dynamic IP, Remote Authentication Dial-In User Service protocols, headers, and content. Once recorded, the data is digitally signed and encrypted. The Array SR includes an integrated DVD writer so that collected data can be exported for analysis.

Rino Ong, a system architect at the University of British Columbia, in Vancouver, said he would be interested in preventing misuse of private information such as student records and financial information. Ong uses Arrays Array 500 and Array 1000 Web traffic management devices for such functions as caching and SSL (Secure Sockets Layer) acceleration.

"We have concerns about security because we deal with sensitive information," Ong said. "If something helps in further securing that information, then its a compelling product to look at."

Final pricing for the Array SR has not been set, but officials said it should range between $80,000 and $100,000.

Separately, Array this week will make available a sibling to its Array SP (Security Proxy) SSL virtual private network device. The Array SP-C (Security Proxy Compact) will offer most of the features of the Array SP but is targeted at smaller companies and offices.

It allows businesses to secure Web services and applications with encryption, authentication, authoriza-tion and accounting capabilities.

The Array SP-C will support as many as 100 concurrent users, while the Array SP supports up to 10,000 concurrent users. Pricing ranges from $15,000 for five concurrent users to $25,000 for 100 concurrent users.

Rocket Fuel